<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2021/9/8
 * Time: 16:37
 */
// Start a session only when none is active for this request.
// NOTE(review): nothing in the visible script reads $_SESSION afterwards; the
// permission check further down relies on a username sent by the caller.
if (!session_id()) {
    session_start();
}

// CORS response headers.
// NOTE(review): the wildcard origin allows pages served from any site to call
// this endpoint and read its responses. For an endpoint that deletes and edits
// comments, an explicit allow-list of trusted origins is the safer setting.
header("Access-Control-Allow-Origin:*");
header('Access-Control-Allow-Methods:POST,GET');
header('Access-Control-Allow-Headers:x-requested-with,content-type');

// Load the project's DB wrapper and open the connection used by the queries below.
require_once('dbServerConnect.php');
$con = new DB();
// $link is handed to mysqli_* calls later in this script, so it is presumably a
// mysqli connection - confirm against dbServerConnect.php.
$link = $con->mySqlServer();

// Stop early with a plain-text message ("database connection failed") when no
// connection is available; nothing below can run without it.
if (!$link) {
    echo '数据库连接失败';
    return;
}

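// Determine the request type: GET deletes a comment, POST edits one.
//
// NOTE(review): the only authorization here is "the supplied username belongs
// to a row in `login` with power='super'". The username comes from the request,
// so it identifies nobody; the acting user should be taken from server-side
// session state set at login (this script already starts a session).
// NOTE(review): the delete is a state change performed on GET. It should move
// to POST/DELETE with a CSRF token once clients can be updated.
$method = $_SERVER['REQUEST_METHOD'];

// Emits the JSON envelope clients expect. The 'mgs' key (sic) is part of the
// existing response contract and is kept unchanged.
$respond = function ($status, $message) {
    echo json_encode(array('result' => array('status' => $status, 'mgs' => $message)));
};

// Runs one parameterised statement so request values never become SQL text.
// $types/$params follow mysqli_stmt_bind_param(). Returns false on failure,
// otherwise the number of result rows ($countRows) or affected rows.
// Database errors are written to the server log instead of being echoed to the
// caller, which the previous `or die(mysqli_error(...))` did.
$runStatement = function ($link, $sql, $types, $params, $countRows) {
    try {
        $stmt = mysqli_prepare($link, $sql);
        if (!$stmt) {
            error_log('comment endpoint: prepare failed: ' . mysqli_error($link));
            return false;
        }
        if (!mysqli_stmt_bind_param($stmt, $types, ...$params) || !mysqli_stmt_execute($stmt)) {
            error_log('comment endpoint: execute failed: ' . mysqli_stmt_error($stmt));
            mysqli_stmt_close($stmt);
            return false;
        }
        if ($countRows) {
            mysqli_stmt_store_result($stmt);
            $count = mysqli_stmt_num_rows($stmt);
        } else {
            $count = mysqli_stmt_affected_rows($stmt);
        }
        mysqli_stmt_close($stmt);
        return $count;
    } catch (mysqli_sql_exception $e) {
        // mysqli throws instead of returning false when strict reporting is on.
        error_log('comment endpoint: ' . $e->getMessage());
        return false;
    }
};

// True when $username matches a `login` row whose power is 'super'.
$isSuperAdmin = function ($link, $username) use ($runStatement) {
    if (!is_scalar($username)) {
        return false;
    }
    $rows = $runStatement(
        $link,
        "select 1 from login where username=? and power='super' limit 1",
        's',
        array((string) $username),
        true
    );
    return $rows !== false && $rows > 0;
};

if ($method === "GET") {
    $getId = isset($_GET['id']) ? $_GET['id'] : null;
    $username = isset($_GET['username']) ? $_GET['username'] : '';

    // Check whether the caller is a super administrator.
    if ($isSuperAdmin($link, $username)) {
        // The id must be a plain integer; anything else is rejected before it
        // reaches the database.
        $commentId = filter_var($getId, FILTER_VALIDATE_INT);
        $deleted = $commentId !== false
            && $runStatement($link, "delete from comment where id=?", 'i', array($commentId), false) !== false;
        if ($deleted) {
            $respond(1, '删除成功！');
        } else {
            $respond(0, '删除失败！');
        }
    } else {
        $respond(0, '你没有【权限】删除评论！');
    }
}
// Edit a comment.
elseif ($method === "POST") {
    $jsonData = file_get_contents("php://input");
    $decodeData = json_decode($jsonData, true);
    // Tolerate a missing or malformed body: every field falls back to an empty
    // value, and the permission check below then fails.
    $form = (is_array($decodeData) && isset($decodeData['commentForm']) && is_array($decodeData['commentForm']))
        ? $decodeData['commentForm']
        : array();
    $id = isset($form['id']) ? $form['id'] : null;
    // The text is bound as a parameter, so the manual quote doubling is gone;
    // keeping it would store doubled quotes in the comment.
    $comment = (isset($form['comment']) && is_scalar($form['comment'])) ? (string) $form['comment'] : '';
    $username = isset($form['username']) ? $form['username'] : '';

    // Check whether the caller is a super administrator.
    if ($isSuperAdmin($link, $username)) {
        $commentId = filter_var($id, FILTER_VALIDATE_INT);
        $updated = $commentId !== false
            && $runStatement(
                $link,
                "update comment set comment=? where id=?",
                'si',
                array($comment, $commentId),
                false
            ) !== false;
        if ($updated) {
            $respond(1, '编辑成功！');
        } else {
            $respond(0, '修改失败！');
        }
    } else {
        $respond(0, '你没有【权限】编辑评论！');
    }
}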